General

  • Target

    583481a1d2f4f63553e25d831451b4a5_JaffaCakes118

  • Size

    540KB

  • Sample

    240718-t4hnaszfrd

  • MD5

    583481a1d2f4f63553e25d831451b4a5

  • SHA1

    27b211d6b5cd270c9606e1c1ea995261cfc42733

  • SHA256

    dc3fb0eda2c4223134a40bd142e9ef865c25ff0fecf59d826963b23562cc46cf

  • SHA512

    37db515bf2591823133474ce1bccfc8a5b82fe61334cc5d2cbd90a01b8cf84f7e83a82e72867e62c0e59386131dc553bfd42659b88260a92c0364780e8abfa6a

  • SSDEEP

    3072:zr8WDrCIoXlY7b55h8WLw/a0t6Mdt33C846aazH1irw8j/aazH1irw8jh:PuIqY7Y6MA6NVirw87NVirw8t

Targets

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
